The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.143 to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2018-5390 aka "SegmentSmack": The Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet, which can lead to a denial of service (bnc#1102340).
- CVE-2018-14734: drivers/infiniband/core/ucma.c in the Linux kernel allowed ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allowed attackers to cause a denial of service (use-after-free) (bnc#1103119).
- CVE-2017-18344: The timer_create syscall implementation in kernel/time/posix-timers.c didn't properly validate the
References:
#1012382 #1082653 #1085042 #1085536 #1087081
#1089343 #1090123 #1090435 #1092001 #1094244
#1095643 #1096978 #1097771 #1099858 #1100132
#1100930 #1101658 #1101789 #1102188 #1102197
#1102203 #1102205 #1102207 #1102211 #1102214
#1102215 #1102340 #1102394 #1102683 #1102851
#1103119 #1103580 #1103745 #1103884
Cross-References:
CVE-2017-18344 CVE-2018-14734 CVE-2018-3620
CVE-2018-3646 CVE-2018-5390
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Server 12-SP3
SUSE Linux Enterprise Live Patching 12-SP3
SUSE Linux Enterprise High Availability 12-SP3
SUSE Linux Enterprise Desktop 12-SP3
SUSE CaaS Platform ALL
S...